MS KB3083992: Update to Improve AppLocker Publisher Rule Enforcement

info Nessus Plugin ID 85880

Synopsis

The remote Windows host is missing a security update that prevents a potential rules bypass.

Description

The remote Windows host is missing KB3083992, a defense-in-depth update that improves the enforcement of publisher rules by Windows AppLocker. Specifically, the update corrects how AppLocker handles certificates to prevent bypassing publisher rules.

Solution

Install Microsoft KB3083992.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2015/3083992

https://support.microsoft.com/en-us/help/3083992/microsoft-security-advisory-update-to-improve-applocker-certificate-ha

Plugin Details

Severity: Info

ID: 85880

File Name: smb_kb3083992.nasl

Version: 1.5

Type: local

Agent: windows

Family: Windows

Published: 9/9/2015

Updated: 6/3/2021

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Patch Publication Date: 9/8/2015

Reference Information

IAVA: 2015-A-0217-S

MSKB: 3083992